"use strict"

module.exports = (appInfo) => {
  const config = (exports = {})

  // use for cookie sign key, should change to your own and keep security
  config.keys = appInfo.name + "_1523415779575_1091"

  // add your config here
  config.middleware = ["errorHandler", "notfoundHandler"]

  config.jwt = {
    secret: "123456",
    getToken(ctx) {
      if (
        ctx.headers.authorization &&
        (ctx.headers.authorization.split(" ")[0] === "Bearer" ||
          ctx.headers.authorization.split(" ")[0] === "Token")
      ) {
        return ctx.headers.authorization.split(" ")[1]
      } else if (ctx.query && ctx.query.token) {
        return ctx.query.token
      }
      return null
    }
  }

  exports.sequelize = {
    dialect: "mysql",
    database: process.env.DB_DATABASE || "realworld",
    host: process.env.DB_HOST || "42.240.131.94",
    port: process.env.DB_PORT || "3306",
    username: process.env.DB_USER || "root",
    password: process.env.DB_PASSWORD || "root",
    timezone: "+08:00" // 东八时区
  }

  exports.security = {
    csrf: {
      enable: false
    }
  }

  exports.cors = {
    origin: "*",
    allowMethods: "GET,HEAD,PUT,POST,DELETE,PATCH"
  }

  return config
}
